• DDoS Threats & Security Attacks: DDoS Reports & Cyber Security Threats

    New cyber security attacks and DDoS threats are lurking in the shadows everyday. Read the latest information and stay head of these vulnerabilities with updated DDoS reports and cyber security threat reports from Radware's Emergency Response Team (ERT).

    Tsunami SYN Flood Attack

    10/7/2014

    The Tsunami SYN Flood Attack is an intriguing variant of the traditional SYN flood attack. We believe that attackers are trying to challenge protected environments that would typically block a classic SYN flood but not this variant. In contrast, the Tsunami SYN flood can cause internet pipe saturation. Unlike other known pipe saturation offenses using mostly UDP traffic, the Tsunami SYN flood attack is carried over the more common TCP protocol. We have noticed attacks on entire IP and port ranges, again trying to bypass traditional SYN flood protection expecting the attack on a specific IP and port.

    Shellshock

    9/26/2014

    2 new vulnerabilities were recently found in Bash (CVE-2014-6271, CVE-2014-7169).These vulnerabilities potentially affect certain services and applications and allow remote unauthenticated attackers to exploit this issue and use this flaw to override or bypass environment restrictions.

    FBI Brobot

    7/14/2014

    The Brobot malware, also known as ‘itsoknoproblembro' and ‘kamikaze,’ is a general purpose PHP script infecting Content Management Systems (CMSs) using known vulnerabilities. During 2012 and 2013, infected networks were used to launch massive DDoS attacks against US-based banks. This attack, also known as Operation Ababil, was considered the biggest DDoS attack campaign ever.

    OpSaveGaza

    7/11/2014

    Due to the growing tension between Palestine and Israel that includes military actions in the sector of Gaza, several hacktivists groups have united in a cyber-attack campaign against Israel, named #OpSaveGaza.

    2014 FIFA World Cup

    6/6/2014

    Recently it has been reported in the news that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup including its partners and sponsors. The threat gained public attention after an interview with an Anonymous group spokesman, referring to himself as Che Commondore, provided select details about the planned operation.

    Ukraine-Russia Global Conflict

    5/8/2014

    The current conflict between Ukraine and Russia following the Ukrainian revolution, the Crimean peninsula crisis, and the recent fighting in Slovyansk and Odessa, has the potential of military and political escalation. This conflict takes a global form following the involvement of the USA, Europe, NATO and other actors.

    Heart Bleed - OpenSSL

    4/27/2014

    A critical vulnerability was recently found in OpenSSL; Due to a missing bounds check in the handling of the TLS heartbeat extension, 64K of memory can be revealed to a connected client or server. Only OpenSSL versions 1.0.1-1.0.1f, 1.0.2-beta and 1.0.2- beta1 are affected.